This report shares findings from the Adaptiva 2019 Enterprise Endpoint Security Survey. The survey investigates cybersecurity priorities and challenges in the IT environment. It focuses on securing Microsoft Windows endpoint devices in business.
Over 200 professionals participated in the annual survey, now in its fourth year. Almost all respondents come from IT (98%), with 40% coming from enterprises with 10,000 or more Windows endpoint devices. Participants come from IT security as well as operations. The executive branch is represented, with 7% in CIO or CSO roles.
Businesses Say Top Cybersecurity Challenge Is Scanning Endpoints for Vulnerabilities
Respondents identified their greatest vulnerability management (VM) challenge was running automated vulnerability scanning tools. This indicates that the current landscape of VM scanning solutions on the market is not solving the problem. This challenge is increasingly vexing as the number of vulnerabilities discovered daily continues to rise.
Enterprises Admit They Can’t Fix Known Security Issues Fast Enough
When vulnerabilities are found, most organizations (52%) take up to a week to remediate them, and many more (22%) take a month or longer. In a world where cyberattackers need only a few minutes of access to bring down an entire organization, companies can’t afford to leave themselves exposed. Companies suffer from a dangerous remediation gap, where they know vulnerabilities exist but they can’t resolve them quickly.
71% of Companies Will Fail to Complete Windows 10 Migrations by 2020
A mere 29% of companies will have completely migrated to Windows 10 by January 14, 2020 (Windows 7’s end of support date). In spite of Microsoft’s aggressive push to Windows 10, older versions persist and may for some time. Those systems lack Windows 10’s many security enhancements, and the end of security updates for Windows 7 will put those systems further at risk.
Looking forward, it’s clear that companies will be seeking to cover the complete vulnerability life cycle management to achieve greater risk reduction. They will need to improve security hygiene and compliance though ongoing scanning and remediation. Because the pace of new vulnerabilities, threats, and exploits is accelerating, IT professionals will have to work smarter. The organizations that thrive will be those that use the best tools and automate as much as possible.